Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/1-wj9KbOyvPovdcQ24AKqmBV9kwI.roa
File: 1-wj9KbOyvPovdcQ24AKqmBV9kwI.roa (raw, json)
Hash identifier: A1jBMdG8oJ+zW7emB0AaCdyXMT8pXNRo6ZTMw78BX48=
Subject key identifier: FB:08:FD:29:B3:B2:BC:FA:2F:75:C4:36:E0:02:AA:98:15:7D:93:02
Certificate issuer: /CN=8df893edf33208d7a2cf62268613769fb4967c66
Certificate serial: 019423D7365085EFC0164F6018EF91D27013
Authority key identifier: 8D:F8:93:ED:F3:32:08:D7:A2:CF:62:26:86:13:76:9F:B4:96:7C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jfiT7fMyCNeiz2ImhhN2n7SWfGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/1-wj9KbOyvPovdcQ24AKqmBV9kwI.roa
Signing time: Wed 01 Jan 2025 21:48:14 +0000
ROA not before: Wed 01 Jan 2025 21:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43108
IP address blocks: 91.194.76.0/23 maxlen: 23
91.228.4.0/22 maxlen: 22
195.28.26.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/jfiT7fMyCNeiz2ImhhN2n7SWfGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/jfiT7fMyCNeiz2ImhhN2n7SWfGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jfiT7fMyCNeiz2ImhhN2n7SWfGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:36:50:85:ef:c0:16:4f:60:18:ef:91:d2:70:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8df893edf33208d7a2cf62268613769fb4967c66
Validity
Not Before: Jan 1 21:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb08fd29b3b2bcfa2f75c436e002aa98157d9302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c2:2f:85:88:5a:e8:bc:57:0b:9d:4b:5a:f9:
d7:93:3e:e0:ac:d9:9f:9e:14:d3:02:b2:f9:81:87:
80:7a:af:d4:bd:d4:19:0f:3e:ab:93:e9:7b:72:4f:
7e:56:46:ec:b5:7a:2d:dc:0c:ca:61:1b:6b:0f:97:
ad:6a:3c:51:5a:e0:67:6d:6e:e7:dc:e3:f7:28:77:
d0:d3:42:1e:e8:aa:72:bf:92:ec:dd:d5:f0:74:49:
6c:1e:d9:c5:22:48:59:d6:de:7b:a7:db:63:9e:9c:
86:c0:78:58:e1:05:a1:ea:0d:86:64:3e:1c:e1:37:
13:e0:68:e8:60:f5:e1:f5:31:ea:1a:c2:e1:d8:36:
96:ef:2c:4b:c5:60:2f:20:b1:7e:8d:8f:b0:92:23:
e6:2b:b4:9e:16:f4:8b:62:21:78:1d:f7:25:29:6d:
c9:65:2f:7c:de:32:b2:0e:ff:86:bf:fb:6f:47:73:
ff:3b:79:20:e4:d9:b3:5a:ee:e2:a7:00:85:1f:a7:
e4:e0:a3:b1:36:5d:ac:8a:11:04:0d:8f:d7:d5:37:
a9:67:b7:9e:f0:5a:ee:d8:4d:30:4c:69:03:73:11:
3b:0e:23:46:c0:73:a7:91:9d:7b:0a:e6:cc:cd:8c:
28:d2:24:ce:78:3d:46:38:83:1b:28:70:08:ce:ac:
00:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:08:FD:29:B3:B2:BC:FA:2F:75:C4:36:E0:02:AA:98:15:7D:93:02
X509v3 Authority Key Identifier:
keyid:8D:F8:93:ED:F3:32:08:D7:A2:CF:62:26:86:13:76:9F:B4:96:7C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jfiT7fMyCNeiz2ImhhN2n7SWfGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/1-wj9KbOyvPovdcQ24AKqmBV9kwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/00a95d-937c-473c-a85f-f87787b1d03c/1/jfiT7fMyCNeiz2ImhhN2n7SWfGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.76.0/23
91.228.4.0/22
195.28.26.0/23
Signature Algorithm: sha256WithRSAEncryption
80:fb:c8:48:c9:32:a8:3a:b0:73:1f:93:40:13:71:91:9b:f1:
4d:fa:68:69:0c:7d:a4:06:29:59:a4:68:99:bf:8a:70:a0:bc:
61:ae:c4:e2:2c:85:31:ee:8d:34:1a:77:19:2e:cf:22:55:07:
0b:9b:aa:d5:5e:9a:76:b0:2b:bf:a4:6c:b8:ed:22:df:18:d3:
54:59:c7:92:de:6f:46:a6:7b:74:36:7a:f2:53:ed:73:78:5f:
f0:a6:e1:8e:2c:3e:0f:03:f3:05:b9:ea:64:79:5c:f2:9a:c5:
f0:4a:8e:93:1e:4d:0e:b1:e6:8f:83:aa:71:ab:55:ac:f6:90:
9a:11:5a:d7:99:91:d0:39:45:0c:55:17:62:c4:d6:e8:7d:77:
38:eb:47:0a:ed:2a:c7:8c:7a:f7:b7:b3:83:75:80:38:0b:13:
6a:9c:37:f8:c9:f5:0e:ab:00:5f:81:ca:ba:bc:2f:7b:5e:9c:
1d:e6:41:6e:aa:1e:f9:7c:f0:ec:79:fe:97:02:b4:ca:d1:18:
5b:b9:00:0e:75:d9:29:20:d1:cd:94:24:df:58:42:8e:f8:6d:
f3:b2:fb:a4:9a:13:7c:6c:e4:be:32:75:50:45:2d:c6:56:2f:
ff:4f:85:bb:60:88:b0:a6:bd:ec:25:bb:15:ef:d5:c0:4b:3d:
ea:9c:22:23
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQj1zZQhe/AFk9gGO+R0nATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkZjg5M2VkZjMzMjA4ZDdhMmNmNjIyNjg2MTM3NjlmYjQ5
NjdjNjYwHhcNMjUwMTAxMjE0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjA4ZmQyOWIzYjJiY2ZhMmY3NWM0MzZlMDAyYWE5ODE1N2Q5MzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcIvhYha6LxXC51LWvnXkz7grNmf
nhTTArL5gYeAeq/UvdQZDz6rk+l7ck9+VkbstXot3AzKYRtrD5etajxRWuBnbW7n
3OP3KHfQ00Ie6Kpyv5Ls3dXwdElsHtnFIkhZ1t57p9tjnpyGwHhY4QWh6g2GZD4c
4TcT4GjoYPXh9THqGsLh2DaW7yxLxWAvILF+jY+wkiPmK7SeFvSLYiF4HfclKW3J
ZS983jKyDv+Gv/tvR3P/O3kg5NmzWu7ipwCFH6fk4KOxNl2sihEEDY/X1TepZ7ee
8Fru2E0wTGkDcxE7DiNGwHOnkZ17CubMzYwo0iTOeD1GOIMbKHAIzqwAWQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPsI/Smzsrz6L3XENuACqpgVfZMCMB8GA1UdIwQY
MBaAFI34k+3zMgjXos9iJoYTdp+0lnxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamZpVDdmTXlDTmVpejJJbWhoTjJuN1NXZkdZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wMGE5NWQtOTM3Yy00NzNjLWE4NWYt
Zjg3Nzg3YjFkMDNjLzEvMS13ajlLYk95dlBvdmRjUTI0QUtxbUJWOWt3SS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2QvMDBhOTVkLTkzN2MtNDczYy1hODVmLWY4Nzc4N2IxZDAz
Yy8xL2pmaVQ3Zk15Q05laXoySW1oaE4ybjdTV2ZHWS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVvCTAME
AlvkBAMEAcMcGjANBgkqhkiG9w0BAQsFAAOCAQEAgPvISMkyqDqwcx+TQBNxkZvx
TfpoaQx9pAYpWaRomb+KcKC8Ya7E4iyFMe6NNBp3GS7PIlUHC5uq1V6adrArv6Rs
uO0i3xjTVFnHkt5vRqZ7dDZ68lPtc3hf8Kbhjiw+DwPzBbnqZHlc8prF8EqOkx5N
DrHmj4OqcatVrPaQmhFa15mR0DlFDFUXYsTW6H13OOtHCu0qx4x697ezg3WAOAsT
apw3+Mn1DqsAX4HKurwve16cHeZBbqoe+Xzw7Hn+lwK0ytEYW7kADnXZKSDRzZQk
31hCjvht87L7pJoTfGzkvjJ1UEUtxlYv/0+Fu2CIsKa97CW7Fe/VwEs96pwiIw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:28 2025 by rpki-client